Intigriti pentest service supports certifications as biometrics providers approved
Intigriti, a European crowdsourced security platform, has launched a Hybrid Pentesting service as part of its bug bounty program that can support certification to both the SOC2 and ISO/IEC 27001 standards, which many biometrics providers acquire to give their customers assurance of data protection.
Customers seeking certification that pass the Hybrid Pentests are provided with a letter of attestation that they can share with certification bodies to prove the security maturity of their products.
According to a blog post on the company’s website, the Penetration Testing as a Service (PTaas) solution combines the pay-for-impact approach of bug bounty programs with the dedicated resourcing strategy of classic penetration testing.
“Pentesting remains the gold standard for companies and authorities focused on security compliance,” says Pascal Schulz, hybrid pentest manager at Intigriti.
“At the same time, we see an increasing awareness of the need for continuous security testing that pentests have not been able to deliver. A hybrid methodology meets both these needs while providing a balanced and agile approach to security testing.”
iProov gains data security and privacy certification
iProov has announced that it is now compliant with the SOC (System and Organization Controls) 2 Type II standard.
Subject to an annual accreditation process, SOC 2 assures service providers can securely manage non-financial data in the cloud to protect organizations’ interests and their users’ privacy.
Developed by the American Institute of Certified Public Accountants (AICPA), the SOC 2 Type II certification is the most rigorous of the auditing procedures conducted by the Institute.
“Independently certified security, trust and inclusion are the hallmarks of iProov’s services,” comments iProov CEO Andrew Bud. “Every department and process must contribute to our high-security culture, supported by training and controls.”
The SOC 2 news comes months after iProov announced in August it received a certification for its biometric face verification technology with liveness detection to Level of Assurance High (LoA High) per the eIDAS (Electronic Identification, Authentication and Trust Services) regulation.
Adhering to SOC 2 new standards will enable iProov to further improve its security and privacy posture for customers.
“This certification assures our customers, partners and their users that we are continuously monitoring and implementing robust controls over our security, processing integrity and privacy practices,” Bud concludes.
It follows the appointment of Nicole Rowe as iProov’s chief marketing officer (CMO) last month.
Suprema renews ISO/IEC 27001 and 27701 certifications
Another biometric company announcing new credentials this week is Suprema ID, which renewed two international standard certifications concerning information security management (ISO/IEC 27001) and privacy information management (ISO/IEC 27701), respectively.
The firm first acquired the certifications in 2019 and has now renewed them again this year, according to their renewal cycles.
Since first acquiring compliance for the two certifications, Suprema has reportedly enhanced its security policy at an enterprise-wide level, applying GDPR compliance to the company’s BioStar 2 software, as well as access control hardware devices, website, and internal security regulations.
“Suprema is making continuous efforts to invest in information security and personal information protection at all stages from product design and development,” comments Suprema CEO Hanchul Kim.
“We will continue to maintain strong data protection capabilities that meet global standards and provide access control security solutions that customers can trust.”
The certifications’ renewal comes weeks after Suprema launched a new physical access control terminal with face biometrics.